Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RHPAM-4719: Persistent Cross-Site Scripting (XSS) #1393

Merged
merged 6 commits into from
Jul 13, 2023
Merged

RHPAM-4719: Persistent Cross-Site Scripting (XSS) #1393

merged 6 commits into from
Jul 13, 2023

Commits on Jul 12, 2023

  1. RHPAM-4719: Persistent Cross-Site Scripting (XSS) 

    Fixes RHPAM-4716 & RHPAM-4717 by using StringEscapeUtils::
escapeHtml4() method in ProjectResource and by implementing
helper method, using escapeHtml4(), to escape conrtributors
names in OrganizationalUnitServiceImpl
    @domhanak @paulovmr
    domhanak authored and paulovmr committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    e9821c2 View commit details
    Browse the repository at this point in the history

  2. RHPAM-4719: Add unit test cases for XSS data

    @domhanak @paulovmr
    domhanak authored and paulovmr committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    e5ff88d View commit details
    Browse the repository at this point in the history

  3. RHPAM-4719: Replace single qoute with nothing

    @domhanak @paulovmr
    domhanak authored and paulovmr committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    8d92624 View commit details
    Browse the repository at this point in the history

  4. RHPAM-4917: Expand escaping to RepositoryService 

    Refactors unit tests to use same methods as in main classes
Add some unit tests
    @domhanak @paulovmr
    domhanak authored and paulovmr committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    04536b3 View commit details
    Browse the repository at this point in the history

  5. Fix code duplication 

    Moves methods for escaping out of services
    @domhanak @paulovmr
    domhanak authored and paulovmr committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    0872802 View commit details
    Browse the repository at this point in the history

  6. Increase coverage and remove code smells

    @domhanak @paulovmr
    domhanak authored and paulovmr committed Jul 12, 2023
    Configuration menu
    Copy the full SHA
    a2277c8 View commit details
    Browse the repository at this point in the history